ports/71169: Update: security/samhain 1.8.10b -> 1.8.11

David Thiel lx at redundancy.redundancy.org
Mon Aug 30 22:00:44 UTC 2004 

>Number:         71169
>Category:       ports
>Synopsis:       Update: security/samhain 1.8.10b -> 1.8.11
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Mon Aug 30 22:00:43 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     David Thiel
>Release:        FreeBSD 4.9-STABLE i386
>Organization:
>Environment:
System: FreeBSD redundancy.redundancy.org 4.9-STABLE FreeBSD 4.9-STABLE #15: Wed Nov 19 21:41:32 PST 2003 lx at redundancy.redundancy.org:/usr/obj/usr/src/sys/REDUNDANCY i386


>Description:

Updating the Samhain integrity checking system from 1.8.10b to 1.8.11.

Code changes include:

o for files in the IgnoreAll policy, there are no warnings (anymore) about
  'no such user/group' and/or non-printable filenames

o there is a new option HardlinkOffset=... to specify an offset from the
  canonical hardlink count for a directory

o ... and a new option AddOKChars=... to modify the set of characters in
  a filename for which a warning (about obscure/non-printable) filename
  is issued.

Port changes:

Turn off kernel integrity checking by default - building this into packages
wouldn't work anyhow, since it would only work with an identical kernel as
on the build cluster.


>How-To-Repeat:
>Fix:


diff -ruN samhain/Makefile samhain.new/Makefile
--- samhain/Makefile	Thu Aug 12 04:20:28 2004
+++ samhain.new/Makefile	Mon Aug 30 14:51:38 2004
@@ -5,7 +5,7 @@
 # $FreeBSD: ports/security/samhain/Makefile,v 1.17 2004/08/11 23:00:12 pav Exp $
 #
 #
-# This port recognizes the following non-binary tunables:
+# This port recognizes the following non-boolean tunables:
 #
 # WITH_RUNAS_USER:
 #	Whe building with "WITH_SERVER" defined, the username of the
@@ -17,7 +17,7 @@
 #
 
 PORTNAME=	samhain
-PORTVERSION=	1.8.10b
+PORTVERSION=	1.8.11
 CATEGORIES=	security
 MASTER_SITES=	http://la-samhna.de/archive/ \
 		http://cold.darkambient.net/
@@ -26,7 +26,7 @@
 MAINTAINER=	lx at redundancy.redundancy.org
 COMMENT=	The Samhain Intrusion Detection System
 
-OPTIONS=	KCHECK "Enable rogue KLD detection" on \
+OPTIONS=	KCHECK "Enable rogue KLD detection" off \
 		GPG "Enable GnuPG support" off \
 		MYSQL "Enable MySQL logging" off \
 		POSTGRESQL "Enable PostgreSQL logging" off \
@@ -111,9 +111,9 @@
 
 .if !defined(WITHOUT_KCHECK)
 	@${ECHO_MSG}
-	@${ECHO_MSG} "Building with kernel checking requires reading /dev/kmem."
-	@${ECHO_MSG} "If you're not building as root, please hit Control-C and"
-	@${ECHO_MSG} "restart the build as root."
+	@${ECHO_MSG} "Building with kernel checking requires reading /dev/kmem"
+	@${ECHO_MSG} "and /dev/mem. If you're not building as root, please hit 
+	@${ECHO_MSG} "Control-C and restart the build as root."
 	@${ECHO_MSG}
 .endif
 
diff -ruN samhain/distinfo samhain.new/distinfo
--- samhain/distinfo	Thu Aug 12 04:20:28 2004
+++ samhain.new/distinfo	Mon Aug 30 14:45:54 2004
@@ -1,2 +1,2 @@
-MD5 (samhain_signed-1.8.10b.tar.gz) = f7c638e6989cb44287e814cf008877cd
-SIZE (samhain_signed-1.8.10b.tar.gz) = 972170
+MD5 (samhain_signed-1.8.11.tar.gz) = b07d557a4fd598d9406b8338204e20f9
+SIZE (samhain_signed-1.8.11.tar.gz) = 956426
>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list